breach
-
Blog
Great Plains Bank notifies 7K+ people of data breach that compromised SSNs
Great Plains Bank Corporation, the parent company of Great Plains National Bank, yesterday confirmed it notified 7,767 people about a November 2024 data breach that compromised names and Social Security numbers. Ransomware gang Akira claimed responsibility for the attack on December 16, 2024, saying it stole 18 GB of data from Great Plains National Bank. The group further claims to…
Read More » -
Blog
San Antonio doctors notify 2,000 patients of data breach that compromised SSNs, financial and medical info
Consultants in Pain Medicine yesterday confirmed it notified 2,062 Texans about a June 2024 data breach that compromised the following patient info: Names Social Security numbers Dates of Birth Driver’s license or other state-issued ID number Financial account into Passport numbers Medical info Health insurance policy info Ransomware gang Inc claimed responsibility for the attack in August 2024. To prove…
Read More » -
Blog
Zacks Investment breach could leave 12 million customer accounts exposed
Zacks Investment, a leading investment research company, has allegedly suffered a data breach that could see roughly 15 million customer records exposed. A threat actor under the name Jurak posted on the dark web hacking forum BreachForums on 24 January 2025, claiming to have breached Zacks Investment in June last year. Zacks is a major financial analysis provider best known…
Read More » -
Blog
Chinese hackers breach more US telecoms via unpatched Cisco routers
China’s Salt Typhoon hackers are still actively targeting telecoms worldwide and have breached more U.S. telecommunications providers via unpatched Cisco IOS XE network devices. Recorded Future’s Insikt Group threat research division states that the Chinese hacking group (tracked Salt Typhoon and RedMike) has exploited the CVE-2023-20198 privilege escalation and CVE-2023-20273 Web UI command injection vulnerabilities. These ongoing attacks have already…
Read More » -
Blog
PostgreSQL flaw exploited as zero-day in BeyondTrust breach
Rapid7’s vulnerability research team says attackers exploited a PostgreSQL security flaw as a zero-day to breach the network of privileged access management company BeyondTrust in December. BeyondTrust revealed that attackers breached its systems and 17 Remote Support SaaS instances in early December using two zero-day bugs (CVE-2024-12356 and CVE-2024-12686) and a stolen API key. Less than one month later, in…
Read More » -
Blog
Sarcoma ransomware claims breach at giant PCB maker Unimicron
A relatively new ransomware operation named ‘Sarcoma’ has claimed responsibility for an attack against the Unimicron printed circuit boards (PCB) maker in Taiwan. The cybercriminals have published samples of files allegedly stolen from the company’s systems during the attack and threaten to leak everything next week if a ransom is not paid. In a new listing added to Sarcoma’s leak site yesterday,…
Read More » -
Blog
Georgia school district issues data breach notification after ransomware claim – SSNs & account numbers leaked
Muscogee County School District has started issuing data breach notifications following a cyber attack in December 2024. This attack was claimed by ransomware gang SafePay in late January with 382 GB of data allegedly stolen. In its notification, Muscogee County School District (MCSD) states that it detected suspicious activity on its network on December 26, 2024. However, after investigation, it…
Read More » -
Blog
North Carolina law firm notifies 13K people of data breach that compromised SSNs
Yesterday, Mewborn & DeSelms, Attorneys at Law began notifying 12,941 people of a data breach following a cyber attack in April 2024. Ransomware gang BlackSuit claimed an attack on the North Carolina law firm in May 2024. In its notification, Mewborn & DeSelms states: “On April 2, 2024, Mewborn & DeSelms identified a network disruption and promptly initiated an investigation…
Read More » -
Blog
Cisco dispels Kraken data breach claims, insists stolen data came from old attack
Cisco has pushed back on claims it has been breached in a new ransomware attack after a threat actor exposed sensitive information allegedly stolen from the firm’s internal network. The Kraken ransomware group posted the information, which according to reporting by Cyber Press contained credentials linked to Cisco’s Windows Active Directory environment, to its dark web leak site. This data…
Read More » -
Blog
HPE alerts affected staff after Midnight Blizzard breach
Hewlett Packard Enterprise (HPE) is notifying staff whose personal data was accessed by Russian state-sponsored hackers back in May 2023. According to filings with the attorney general offices in New Hampshire and Massachusetts, the company has written to at least 16 people, notifying them that their driver’s licenses, credit card numbers, and Social Security numbers may have been stolen in…
Read More »